CN107205080B - Smart phone with independent financial transaction system - Google Patents
Smart phone with independent financial transaction system Download PDFInfo
- Publication number
- CN107205080B CN107205080B CN201610163385.2A CN201610163385A CN107205080B CN 107205080 B CN107205080 B CN 107205080B CN 201610163385 A CN201610163385 A CN 201610163385A CN 107205080 B CN107205080 B CN 107205080B
- Authority
- CN
- China
- Prior art keywords
- password
- financial transaction
- server
- transaction system
- mobile phone
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M1/00—Substation equipment, e.g. for use by subscribers
- H04M1/72—Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
- H04M1/724—User interfaces specially adapted for cordless or mobile telephones
- H04M1/72403—User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
- G06Q20/38215—Use of certificates or encrypted proofs of transaction rights
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Finance (AREA)
- Signal Processing (AREA)
- Human Computer Interaction (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Telephonic Communication Services (AREA)
Abstract
The smart phone with the independent financial transaction system is characterized in that a hardware part of the independent financial transaction system is arranged on the existing smart phone, the independent financial transaction system part and the smart phone part coexist in one phone body, but the independent financial transaction system part and the smart phone part can only transmit information through manual input, the independent financial transaction system is a client side of professional financial transaction and does not provide any other functions, once the transaction is finished, the smart phone is turned off, a switch of the smart phone is irrelevant to the independent financial transaction system, and because the independent financial transaction system is in a power-off state most of time, short message receiving of the smart phone, a browser, wifi and other functions cannot influence the independent financial transaction system, and the risk of fund theft can be reduced.
Description
Technical Field
The invention belongs to smart phones, and particularly relates to a financial transaction system of a smart phone.
Background
Along with the popularization of smart phones, mobile phone payment is accepted by more and more people, particularly, the proportion of young people using online shopping is increased year by year, meanwhile, the transaction security problem never stops, the anti-theft and theft are like polices and thieves, the anti-theft technology is developed and is continuously upgraded, wifi signals in public places are refused to be used by some netizens with high alertness, financial fraud caused by phishing through short messages such as special numbers 95588 is also frequently seen at all reporting ends, the mobile phone is infected with Trojan viruses, a pseudo base station sends masked short messages or the mobile phone opens ROOT authority to go out prison, and the condition that unidentified links are clicked is considered to be the main reason that funds are easy to be stolen is provided.
Disclosure of Invention
The technical characteristics are as follows: the independent financial transaction system is arranged on the smart phone and comprises an independent CPU, a power key, a slot or a position clamp, a keyboard or a virtual keyboard, a storage component, a display screen and a cryptographic algorithm which is not related to the smart phone part, wherein the cryptographic algorithm which is not related to the smart phone is calculated by the independent financial transaction system, the same software algorithm or similar hardware structure is not excluded, the slot or the position clamp is used for fixing a financial transaction card and supporting the connection of the financial transaction card and the mobile phone, the financial transaction card is additionally provided by a financial transaction service provider, the mobile phone provides a plurality of financial transaction card slots or position clamps for a mobile phone user to select to use a plurality of financial transaction service providers or replace the financial transaction service providers by replacing the financial transaction card, and the mobile phone part of the independent financial transaction system only provides management software and a public software part of the independent financial transaction system The independent financial transaction system does not allow Wifi access and does not receive any short message, the independent financial transaction system does not select continuous operation after finishing financial transaction, the system is powered off and closed, the operator does not send an operation instruction, the independent financial transaction system is powered off and closed after a certain time, the certain time is considered based on proficiency and safety of user operation, the user is allowed to set and is convenient for different users, the longest time is not allowed to exceed 120 seconds, the independent financial transaction system is provided with an independent power key, the intelligent mobile phone part is opened and is not opened, the independent financial transaction system part and the intelligent mobile phone part only rely on input communication, the independence of the independent financial transaction system means the independence of a transaction link, the transaction flow is divided into two parts, and the order part and the transaction information receiving part are not finished by the independent financial transaction system, but the smart phone is partially completed, and after the mobile phone is lost or large-amount transaction is involved, a third-party mobile phone is adopted to control funds, the financial transaction card is a chip which is provided by a financial transaction facilitator to a user and is specially used for communicating with a server of the facilitator, the financial transaction facilitator refers to a bank or a third party payment facilitator, the IC card of the financial transaction card is provided with two parts of a read-only memory (ROM) and a read-write memory, the readable and writable Memory refers to a Memory with data read and written, such as a Random Access Memory (RAM) or a Flash Memory, a software program, a website address of a financial transaction website and other data which are not allowed to be modified are stored by using a read only Memory, while passwords, salt data, and other data that allows modification or updating are stored in a Random Access Memory (RAM) or Flash Memory (Flash Memory) portion.
The specific implementation mode is as follows:
for the convenience of the following description, the server mentioned in the description refers to a server or a server program of a financial transaction service, the financial transaction service provider refers to a bank or a third-party payment service provider, the former is, for example, a chinese industrial and commercial bank, the latter is, for example, a payment treasure, and correspondingly, a software system of a mobile phone or a mobile phone financial transaction is a client or a browser end of the financial transaction, which is collectively called a client.
1: introduction of hardware: the independent financial transaction system part of the intelligent mobile phone with the independent financial transaction system is a mobile phone with simpler functions, only the independent financial transaction system and the intelligent mobile phone part are totally independent parts, the independent financial transaction system and the intelligent mobile phone part can complete the corresponding work of information only by inputting, the independent financial transaction system is provided with a power key, a CPU, a memory, a display screen, a keyboard or a virtual keyboard, the intelligent mobile phone part and the independent financial transaction system part are mutually irrelevant in startup and shutdown, but the two share the power supply, the independent financial transaction system part does not use the mobile phone card, the financial transaction service provider needs to provide the financial transaction chip, the mobile phone only provides a chip slot or a card position, which is convenient for the mobile phone to use, more than one chip slot or card can accommodate several independent financial transaction systems simultaneously.
2: introduction of software: the software part is divided into a smart phone part and an independent financial transaction system part, the smart phone software part introduced here only describes the software part related to financial transactions, other software of the smart phone is out of discussion range, the smart phone software has three modules, namely an order generation module, an information module sent to a server module and an information module sent by a receiving server, 1: an order generation module, wherein the order has a complete order number, an abbreviated order number and other transaction information, the complete order number and the abbreviated order number are in a corresponding relationship, and 2: after order information is generated, the order information is sent to a server module, the smart phone sends the order information to a server, and 3: the method comprises the steps of receiving an information module sent by a server, wherein an order cannot be paid successfully or traded successfully after a certain period of time, the order is cancelled, after the trading is successful, the server sends trading information to a smart phone part, software of an independent financial trading system part comprises phone software and chip software, the phone software is a management part and a public software part of the independent financial trading system, a bound phone number is in the public software part, namely, as long as the phone number of the phone is bound in the public software part, all information required to be sent to the phone by the server can be sent by the phone number, the chip software is a software program of a specific financial trading service provider, memories of the chip are divided into two types, namely a read-only memory and a read-write memory, and the read-only memory comprises a program of the financial trading system of the financial service provider and a machine code of the independent financial trading system, the machine code of the website or other data that do not allow to modify of the financial transaction server needs to be registered in the server, the readable and writable memory is mainly various dynamic passwords and salt value data or other data that need to be updated or modified, the concrete steps are: the user selects goods or services or financial transaction, the order part is completed in the smart phone part, when the order is generated, the order has a complete order number and an abbreviated order number, the abbreviated order number is convenient for inputting, the order abbreviated number is 4 digit number or other numbers which are convenient for inputting, the operator needs to remember the four abbreviated order numbers, then the independent financial transaction system is opened, the financial transaction service provider is selected, namely, the server website or the service provider code of the service provider is selected, the abbreviated order number is input, the system sends the abbreviated order number, the machine code or the bound mobile phone number of the independent financial transaction system to the server, the server retrieves the machine code or the bound mobile phone number and the abbreviated order number, if the data packet does not exist, the server discards the data packet, if relevant records exist, the server sends the reservation information, the reservation code + and the previous transaction time set by the user to the independent financial transaction system part, the user judges whether the reserved information is consistent, the independent financial transaction system judges whether the reserved password is consistent, when the reserved information and the reserved password are verified, the user inputs the user password, the independent financial transaction system encrypts all the user passwords which possibly appear according to the previous transaction time and sends the user passwords to the server after disordering the sequence, the server receives all the user passwords and compares the user passwords with the user passwords stored in the server one by one, when the user passwords are not matched with the passwords, the transaction is terminated, when a matching record exists, the user passwords are sent to the independent financial transaction system, the independent financial transaction system obtains the encryption date according to the user passwords, encrypts the time passwords by using the encryption date and sends the time passwords to the server, the two are matched, the transaction is successful, the two are not matched, the transaction is failed, the transaction is successful or failed, the server returns the time password + and other information to the independent financial transaction system, the transaction is successful, the system returns matched time password +, the transaction is failed, the system returns random data, but the random data and the time password + cannot be identified according to data types, character lengths or other identification characteristics, the matching identification can only depend on the consistency of the data, the transaction is failed, the independent financial transaction system discards a data packet sent by the server, the transaction is successful, the independent financial transaction system sends a new time password +, a reserved password + and a user password + to the server for next use by updating the data, the user selects the transaction to be completed or does not send any operation instruction after a certain time, and the independent financial transaction system is powered off.
Encryption of the password: the independent financial transaction system has three passwords, namely a user password, a time password and a reserved password, wherein the user password is preset by a user and memorized in the mind, the password is input during verification, the time password is a password with a dynamically changing password value along with time, the reserved password is a password for verifying the authenticity of the server, for convenience, the encrypted password is represented by a + number, for example, the encrypted user password is the user password + the independent financial transaction system records two passwords, namely the initial value of the reserved password and the time password, the server records three passwords, the reserved password +, the time password + and the user password +, the user password and the time password are mutually associated, the user password is the same as the existing password and is encrypted by using a Hash algorithm or an asymmetric algorithm or other encryption methods, and the user password consists of two parts, namely, a user input part and a date part, the date part can be regarded as a salt value, for example, the user input part is 291708, the password to be encrypted is 291708#16-02-03, the following #16-02-03 is a date, wherein # is a separator, # can also be represented by other separators, it is represented by 291708 as the part input by the user, 16-02-03 is a time, it is represented by 2016 year 2 month 3 day, the date part and the encryption of the user password are related to the time password, and are introduced together when introducing the time password, the time password is one of dynamic passwords, which is a special dynamic password, the time password is a password that the original password data is re-encrypted after a certain period of time, the password data of the previous period is re-encrypted as the original password data, namely, multiple times of encryption, for example, the encryption period is 24 hours, i.e. after 24 hours from a to B, after 48 hours from B to C, after 72 hours from C to D, thus circulating over a period of time, the encryption uses a hash algorithm or other encryption algorithm against reverse cracking, where reverse cracking is easy for forward encryption and difficult for reverse cracking, e.g. easy for a to encrypt to B and easy for B to encrypt to C, but difficult for C to obtain B and difficult for B to obtain a, the independent financial transaction system randomly generates two parts of original cipher data necessary for the time cipher, i.e. the original encryption data and the encryption date part of the time cipher, which are separated by symbols, e.g. generates original encryption data 246f68hvb39cx and encryption date data 16-02-03, where the encryption date data 16-02-03 means that the encryption date starts from 2016 (2/3/h, it should be noted that, the encryption date is not the transaction date, but a date earlier than the transaction date randomly generated by the system, but the randomly generated encryption date needs a limited range, for example, 3 months earlier than the transaction date, 2016 3 months earlier and 18 days later than the transaction date, the independent financial transaction system encrypts 246f68hvb39cx starting from 2016 2 months and 3 days old as the starting date, until 2016 years and 3 months and 18 days old as the current transaction date, and sends the encrypted result to the server, while the randomly generated encryption date, say 16-02-03, is simultaneously encrypted as the salt value of the user password, and is calculated until the current transaction date, namely 3 months and 18 days, and the encrypted result is sent to the server, and since the clock date of the server is also 3 months and 18 days, the server encrypts once at intervals according to the encryption time, it needs to be noted that, the user password and the time password must be encrypted at the server and the independent financial transaction system at the same frequency, the user password and the time password must be encrypted at the same frequency, the independent financial transaction system still stores the original password, and when password authentication is required next time, the date of the previous transaction is requested from the server. For example, the previous transaction date is 2016, 3, 18, month, the server returns this data to the independent financial transaction system, which encrypts the user password and all the dates that may occur as salt data to the current date, where in case of 2016, 5, 4, month, e.g., according to rules, the random time of the encrypted date is allowed to be 3 months earlier than the transaction time, i.e., 2015, 12, 19, month, so all the dates that may occur are from 2015, 12, 19, month, to 2016, 3, 18, month, if the user enters 291708, the original password is 291708# YY-MM-DD, which is a number of years, i.e., years, from 2015, 12, 19, month, to 2016, 3, 18, month, all the data are encrypted to 2016, 5, 4, month, according to rules, after their order is scrambled, and sent to the server, which is also encrypted synchronously to the current date, i.e., 2016, 5, 4, therefore, a user password + is consistent, if all the user passwords are not consistent, the input password is wrong, if one user password + is consistent, the consistent user password + is sent to the independent financial transaction system, the independent financial transaction system searches out an encryption date from the user password +, the original data of the time password is circularly encrypted by the encryption date until the current date, the time password + is sent to the server, the two are consistent, the password passes verification, but the reserved password is simpler, namely, the original data randomly generated by the system is encrypted by the salt value and then stored in the server, the reserved password is dynamic server reserved information, during verification, the server sends the encrypted data to the independent financial transaction system, the independent financial transaction system encrypts the original password data and the salt value data and compares the data sent by the server, the comparison is performed in the background, the user compares the plaintext reservation information synchronously, the background reservation information is not passed, the next step is rejected, the salt value is a cryptographic term, in the MD5 encryption, a hash algorithm is used, and the hash algorithm obtains a unique information hash value, for example, two persons input 123456 at the same time, the MD5 values of the two 123456 are the same, in order to avoid the situation, additional data needs to be added, the additional data is the salt value (salt), for example, two persons add a salt value a and a salt value B to the passwords of the two persons, respectively, then the system encryption is the MD5 value of 123456A and 123456B, since the hash algorithm has the effect, that is, the data encrypted by the 123456 and the 123456A is not the data encrypted by the hacker after the 123456A is added with a, for example now, the MD5 value of 123456 is 49ba 0559 abe 56e 7, and the MD 35 5 value of 123456A is 22a5B6e 860 a0, and the difficulty of cracking of the password can be increased, in particular, the password is decrypted by using an enumeration method such as dictionary.
The third party limit of the large amount transaction or the lost mobile phone is needed, the owner of the mobile phone needs to bind the third party limit mobile phone, the third party limit mobile phone and the owner set the minimum limit of the large amount transaction together, the minimum limit of the large amount transaction is changed later, the owner of the two mobile phones also needs to agree together, when the owner transacts, the third party limit mobile phone does not receive the notice short message when the transaction amount is less than the minimum limit of the large amount transaction, when the owner transacts, the transaction amount is more than or equal to the minimum limit of the large amount transaction, the transaction permission of the third party limit mobile phone needs to be obtained, when the server does not receive the communication of the agreement transaction of the third party limit mobile phone, the transaction can not be carried out, when the mobile phone is lost, the lost mobile phone can be limited to carry out the transaction only by sending related communication request through the third party limit mobile phone, and the lost owner can, the function can prevent the family from transferring accounts under the deception of some fraud molecules, especially the middle-aged and old people with poor resolving power are easy to be handed to some fraud molecules, and the third party limits the mobile phone to be an optional function.
Description of the drawings: FIG. 1 is a schematic diagram of a basic principle of a smart phone with an independent financial transaction system: phone A and Phone B represent the basic components of the smart Phone, Phone A is a smart Phone part, Phone B is an independent financial transaction system part, Arabic numerals and letters represent the flow of financial transactions of the smart Phone, wherein numerals represent the flow, the front-back sequence of the flow cannot be changed, numerals and letters represent that the steps are allowed to be carried out simultaneously or need to be carried out simultaneously, the sequence is not sequential, 1 represents an order for online shopping or financial transactions generated by the smart Phone part, 2A represents that an operator searches for an order number for the abbreviation, 2B represents that order information is sent to a server, 3 represents that the operator manually inputs the abbreviation order number to the independent financial transaction system, 4 represents that the independent financial transaction system sends the abbreviation order number to the server and compares with the abbreviation order number stored by the server, the abbreviation number does not exist, the transaction is terminated, 5A represents reserved information stored by the search server, and transmitting to an independent financial transaction system, 5B indicating that a reserved password is transmitted to the independent financial transaction system and compared with data of the independent financial transaction system, 5C indicating that a previous transaction time is transmitted to the independent financial transaction system, 6 indicating that a user password is input into the independent financial transaction system, 7 indicating that the independent financial transaction system encrypts all possible password situations according to the user password and the previous transaction time returned by a server and transmits all encrypted data to the server in a disorderly order, 8 indicating that the server transmits a matched user password + record to the independent financial transaction system, 9 indicating that a random encryption date value is determined according to the returned user password + and transmits the encrypted time password to the server by taking the encryption date value as one of encryption parameters, and 10 indicating that the server transmits a transaction short message to the smart phone part, the smart phone part receives the short message.
Fig. 2 is a schematic diagram of cryptographic encryption and decryption: 1A is that the server sends a reserved password + to the independent financial transaction system, and compares the reserved password with encrypted data of the independent financial transaction system, step 1A and step 4, a path of step 7 is provided with a five-pointed star, the meanings represented by the five-pointed star are the same, the step fails to pass the verification, the verification program is terminated, step 1B indicates that the server sends the previous transaction date to the independent financial transaction system, the independent financial transaction system calculates all possible values of the encryption date according to the previous transaction date, step 2 indicates that the independent financial transaction system takes all the possible values of the encryption date as salt value data to be encrypted with the user password one by one to obtain the combination of the user password +, step 3 indicates that all the user passwords + are sent to the server after being disorderly ordered, and step 4 indicates that the server sends the matched user passwords + to the independent financial transaction system, 5 represents a user password + sent by the server in the independent financial transaction system, judges the encryption date, 6 represents that the time password is circularly encrypted according to the encryption date, 7 represents that the time password is encrypted by the independent financial transaction system and is sent to the server, the time password + is compared with the time password + stored by the server, 8 represents that the reserved information is stored in the server after being encrypted, 9 represents that the user password is stored in the server after being encrypted, 10 represents that the encryption date is used as a salt value to participate in the encryption of the user password, C represents that the termination condition during circular encryption is the transaction date, and D represents that the original data is added with the salt value to participate in the encryption of the password.
Claims (5)
1. The utility model provides a take smart mobile phone of independent financial transaction system which characterized by: an independent financial transaction system is arranged on the smart phone and is provided with an independent CPU, a power key, a slot or a clamping position, a keyboard or a virtual keyboard, a storage component,
The mobile phone part of the intelligent mobile phone with the independent financial transaction system only provides a public software part of the independent financial transaction system, the independent financial transaction system does not allow Wifi access and does not receive any short message, after the independent financial transaction system finishes financial transaction, an operator does not select to continue operation, the system is powered off and is closed, the operator does not send an operation instruction, the independent financial transaction system is powered off and is closed after 30 seconds, and the independent financial transaction system is provided with an independent power key, the intelligent mobile phone part and the independent financial transaction system part are controlled by respective power keys, the mutual communication of the independent financial transaction system part and the intelligent mobile phone part can only be input manually, the independent financial transaction system is independent in a transaction link, the transaction flow is divided into two parts, an order part and received transaction information are completed by the intelligent mobile phone part, a third-party mobile phone is adopted to control funds after the mobile phone is lost or large-amount transaction is involved, the financial transaction card is a chip which is provided by a financial transaction service provider for a user and is specially used for communicating with a server of the service provider, the financial transaction service provider is a bank or a third-party payment service provider, an IC card of the financial transaction card is provided with two parts of a read-only memory and a read-write memory, and the read-write memory is a random access memory or a flash memory which is provided with a memory for reading and writing data, the software program, the website address of the financial transaction website and other data which are not allowed to be modified are stored by using a read-only memory, and the password, the salt value data and other data which are allowed to be modified or updated are stored in a random access memory or a flash memory which is allowed to read and write data, wherein the password algorithm which is not related to the part of the smart phone means that the password algorithm is calculated by the independent financial transaction system.
2. The smart phone with independent financial transaction system according to claim 1, wherein: the transaction flow of the intelligent mobile phone part comprises three modules, namely an order generation module, an information sending module and an information receiving module,
step 1: the order generating module is used for generating an order, wherein the order has a complete order number, an abbreviated order number and other transaction information, and the complete order number and the abbreviated order number are in a corresponding relation;
step 2: after order information is generated, the order information is sent to a server module, and the intelligent mobile phone sends the order information to a server; and step 3: and the information module is used for receiving the information sent by the server, the order is cancelled when the payment is not successful or the transaction is successful after a certain time, and the server sends transaction information to the smart phone part after the transaction is successful.
3. The smart phone with independent financial transaction system according to claim 1, wherein: the software of the independent financial transaction system part comprises mobile phone software and chip software, the mobile phone software is a management software and public software part of the independent financial transaction system, the bound mobile phone number is in the public software part, the chip software is a software program and password data of a specific financial transaction service provider, the software data is on a chip, and a machine code needs to be registered in a server, and the specific steps are as follows: after the intelligent mobile phone part generates an order, the order has a complete order number and an abbreviated order number, a financial transaction service provider is selected, namely a server website or a service provider code of the service provider is selected, the abbreviated order number is input, the system sends the abbreviated order number, a machine code or a bound mobile phone number of the independent financial transaction system to the server, the server retrieves the machine code or the bound mobile phone number and the abbreviated order number, if the abbreviated order number does not exist, the data packet is discarded, if a relevant record exists, the server sends reserved information set by a user and previous transaction time to the independent financial transaction system part, the user judges whether the reserved information is consistent, the independent financial transaction system judges whether the reserved password is consistent, when the reserved password is verified by the server and the independent financial transaction system, the user inputs the user password, and the independent financial transaction system encrypts all passwords according to the previous transaction time, sending the data to a server after the order is disordered, comparing the data with user passwords stored in the server one by one after the server receives all the user passwords, terminating the transaction when no password is matched, sending the user passwords to an independent financial transaction system when a matching record exists, obtaining an encryption date by the independent financial transaction system according to the user passwords, encrypting the time passwords by using the encryption date and sending the encrypted time passwords to the server, wherein the time passwords are matched, the transaction is successful and not matched, the transaction is failed, the transaction is successful or failed, the server returns the time passwords and transaction failure information to the independent financial transaction system, the transaction is successful, the matched time passwords are returned by the system, the transaction is failed, the transaction failure information returned by the system is random data, but the random data and the time passwords + are data types, The character length or other identification characteristics cannot be identified, only data consistency matching identification can be relied on, transaction is failed, the independent financial transaction system discards a data packet sent by the server, transaction is successful, the independent financial transaction system sends a new time password +, a reserved password and a user password to the server for next use through updating data, wherein the user password is a password which is preset by a user and is manually input during verification memorized in the mind, the time password is a password with a dynamically changed password value along with time, the reserved password is a password for verifying the authenticity of the server, and the time password +, the reserved password and the user password + refer to the encrypted time password, the reserved password and the user password.
4. The smart phone with independent financial transaction system according to claim 1, wherein: the independent financial transaction system records two passwords, namely initial values of a reserved password and a time password, the server records three passwords, namely a reserved password +, a time password + and a user password +, the user password and the time password are mutually associated, the user password is encrypted by using a password algorithm, the user password consists of two parts, namely a user input part and an encryption date part, the encryption date part is a salt value, the user input part and the encryption date part are separated by a # number or other special symbols for convenient identification, the time part of the user password is a preset encryption date of the time password, the time password is a password for re-encrypting original password data after a certain time, the password data in a previous time period is re-encrypted as original password data, namely multiple times of encryption, the encryption is circulated along with the time period, and the encryption adopts a reverse-direction-cracking prevention encryption algorithm, the anti-reverse cracking here means that the forward encryption is easy, the reverse cracking is difficult, the independent financial transaction system at least needs to randomly generate two parts of original password data necessary for the time password, namely the original encryption data and the encryption date part of the time password, the encryption date is not the transaction date, but the date earlier than the transaction date randomly generated by the system is limited in the randomly generated date, the independent financial transaction system starts to encrypt the original encryption data of the time password from the encryption date as the starting date until the transaction date, the encrypted result is sent to the server, the user password is to encrypt the part input by the user and the salt value from the encryption date as the starting date until the transaction date, the encrypted result is sent to the server, and the encryption frequency of the user password and the time password in the server and the independent financial transaction system must be consistent, and the encryption frequency of the user password and the time password is also required to be consistent, the original password is stored in the independent financial transaction system, the reserved password is obtained by encrypting original data randomly generated by the system through a salt value and then storing the encrypted original data in a server, the reserved password is dynamic server reserved information, the authentication is updated after the authentication is passed, the salt value is a cryptology term, additional data is added into the original password in order to prevent the same original password from obtaining the same encryption result after the encryption, the additional added data is the salt value, and the time password +, the reserved password + and the user password + refer to the encrypted time password, the reserved password and the user password.
5. The smart phone with independent financial transaction system according to claim 1, wherein: the mobile phone owner binds a third party limiting mobile phone, the third party limiting mobile phone and the owner jointly set a minimum limit of a large amount transaction, the two mobile phones jointly agree to the minimum limit of the large amount transaction later, when the owner transacts, the third party limiting mobile phone does not receive a notification short message when the transaction amount is less than the minimum limit of the large amount transaction, when the owner transacts, the transaction amount is greater than or equal to the minimum limit of the large amount transaction, the transaction permission of the third party limiting mobile phone needs to be obtained, when the server does not receive communication of the third party limiting mobile phone agreeing to the transaction, the transaction cannot be carried out, when the mobile phone is lost, the lost mobile phone can be limited to carry out the transaction only by sending a related communication request through the third party limiting mobile phone, the owner can carry out formal loss reporting later, and the third party limiting mobile phone is an optional function.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610163385.2A CN107205080B8 (en) | 2016-03-19 | 2016-03-19 | Smart phone with independent financial transaction system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610163385.2A CN107205080B8 (en) | 2016-03-19 | 2016-03-19 | Smart phone with independent financial transaction system |
Publications (3)
| Publication Number | Publication Date |
|---|---|
| CN107205080A CN107205080A (en) | 2017-09-26 |
| CN107205080B true CN107205080B (en) | 2020-06-16 |
| CN107205080B8 CN107205080B8 (en) | 2020-09-29 |
Family
ID=59904803
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610163385.2A Active CN107205080B8 (en) | 2016-03-19 | 2016-03-19 | Smart phone with independent financial transaction system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107205080B8 (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109978698B (en) * | 2019-04-02 | 2021-06-15 | 国任财产保险股份有限公司 | Wealth insurance management data safety system based on Internet of things |
| CN110717185B (en) * | 2019-10-18 | 2023-06-02 | 天津津航计算技术研究所 | Security authentication method for remote upgrading |
| CN112532626A (en) * | 2020-11-30 | 2021-03-19 | 南威软件股份有限公司 | Point-to-point encrypted chatting method |
| CN115374462B (en) * | 2022-10-20 | 2023-01-24 | 武汉耳东信息科技有限公司 | Storage management system based on financial service data |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1177155A (en) * | 1996-09-13 | 1998-03-25 | 三星电子株式会社 | Card Transaction System Electronic Payment Terminal |
| CN1514635A (en) * | 2003-04-29 | 2004-07-21 | 叶丰平 | Method of realizing mobile electronic business using finger print intelligence terminal and intelligent hand set |
| CN101576989A (en) * | 2009-06-09 | 2009-11-11 | 阿里巴巴集团控股有限公司 | Method for realizing payment in mobile terminal and mobile device |
| CN201638249U (en) * | 2010-03-25 | 2010-11-17 | 北京银达润和科技发展有限公司 | Wireless intelligent card capable of achieving payment by mobile phone |
| KR20120009854A (en) * | 2010-07-21 | 2012-02-02 | 주식회사 비즈모델라인 | Smartphone application interworking method through communication status determination and smartphone and program for it |
| CN102630083A (en) * | 2012-02-29 | 2012-08-08 | 中国工商银行股份有限公司 | System for using mobile terminal to carry out card operation and method thereof |
| US8376227B2 (en) * | 2006-09-28 | 2013-02-19 | Ayman Hammad | Smart sign mobile transit fare payment |
| CN104217327A (en) * | 2014-09-25 | 2014-12-17 | 山东中孚信息产业股份有限公司 | Financial IC (integrated circuit) card Internet terminal and trading method thereof |
| US9454865B2 (en) * | 2008-08-06 | 2016-09-27 | Intel Corporation | Methods and systems to securely load / reload acontactless payment device |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9177316B2 (en) * | 2010-02-19 | 2015-11-03 | Bindu Rama Rao | Mobile monetary transactions and banking for rural populations |
| US20140032297A1 (en) * | 2012-07-24 | 2014-01-30 | Joerg Germann | Mobile device mediated handling of reward points redeemable towards local transportation |
-
2016
- 2016-03-19 CN CN201610163385.2A patent/CN107205080B8/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1177155A (en) * | 1996-09-13 | 1998-03-25 | 三星电子株式会社 | Card Transaction System Electronic Payment Terminal |
| CN1514635A (en) * | 2003-04-29 | 2004-07-21 | 叶丰平 | Method of realizing mobile electronic business using finger print intelligence terminal and intelligent hand set |
| US8376227B2 (en) * | 2006-09-28 | 2013-02-19 | Ayman Hammad | Smart sign mobile transit fare payment |
| US9454865B2 (en) * | 2008-08-06 | 2016-09-27 | Intel Corporation | Methods and systems to securely load / reload acontactless payment device |
| CN101576989A (en) * | 2009-06-09 | 2009-11-11 | 阿里巴巴集团控股有限公司 | Method for realizing payment in mobile terminal and mobile device |
| CN201638249U (en) * | 2010-03-25 | 2010-11-17 | 北京银达润和科技发展有限公司 | Wireless intelligent card capable of achieving payment by mobile phone |
| KR20120009854A (en) * | 2010-07-21 | 2012-02-02 | 주식회사 비즈모델라인 | Smartphone application interworking method through communication status determination and smartphone and program for it |
| CN102630083A (en) * | 2012-02-29 | 2012-08-08 | 中国工商银行股份有限公司 | System for using mobile terminal to carry out card operation and method thereof |
| CN104217327A (en) * | 2014-09-25 | 2014-12-17 | 山东中孚信息产业股份有限公司 | Financial IC (integrated circuit) card Internet terminal and trading method thereof |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107205080B8 (en) | 2020-09-29 |
| CN107205080A (en) | 2017-09-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR102044751B1 (en) | Method for providing reward according to user authentication based on blockchain | |
| US9858401B2 (en) | Securing transactions against cyberattacks | |
| US9864983B2 (en) | Payment method, payment server performing the same and payment system performing the same | |
| CN101272237B (en) | Method and system for automatically generating and filling login information | |
| JP6514218B2 (en) | Client authentication using social data | |
| EP0995177B1 (en) | Symmetrically-secured electronic communication system | |
| US8898086B2 (en) | Systems and methods for transmitting financial account information | |
| US20170026180A1 (en) | Method and database system for secure storage and communication of information | |
| US20080216172A1 (en) | Systems, methods, and apparatus for secure transactions in trusted systems | |
| US20230259899A1 (en) | Method, participant unit, transaction register and payment system for managing transaction data sets | |
| CN107920052B (en) | Encryption method and intelligent device | |
| CN110290134A (en) | A kind of identity identifying method, device, storage medium and processor | |
| CN104125064B (en) | A kind of dynamic cipher authentication method, client and Verification System | |
| CN107205080B (en) | Smart phone with independent financial transaction system | |
| WO2013044192A2 (en) | Securing transactions against cyberattacks | |
| CN110070363A (en) | Account management method and verification method in block chain network and terminal equipment | |
| CN110098925A (en) | Based on unsymmetrical key pond to and random number quantum communications service station cryptographic key negotiation method and system | |
| WO2020076234A1 (en) | Apparatus and method for controlling data access | |
| US20230267426A1 (en) | Payment system, coin register, participant unit, transaction register, monitoring register and method for payment with electronic coin data sets | |
| CN101335754A (en) | Method for information verification using remote server | |
| US20190288833A1 (en) | System and Method for Securing Private Keys Behind a Biometric Authentication Gateway | |
| CN102693478A (en) | Trading method of bid security during bidding procedure and system thereof | |
| CN110914826B (en) | System and method for distributed data mapping | |
| US11671475B2 (en) | Verification of data recipient | |
| CN109816525A (en) | A kind of data processing method and its device, medium, terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CB03 | Change of inventor or designer information |
Inventor after: Wang Junfeng Inventor after: Wang Fengzhen Inventor before: Wang Fengzhen |
|
| CB03 | Change of inventor or designer information | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20200728 Address after: 427000 No.1 Xueyuan Road, Wulingshan Avenue, Yongding District, Zhangjiajie City, Hunan Province Patentee after: Zhangjiajie Institute of Aeronautical Engineering Address before: 9 groups of long Qiao Xiang Jing Quan Cun 427226 Zhangjiajie city of Hunan province Cili County Jing Patentee before: Wang Fengzhen |
|
| TR01 | Transfer of patent right | ||
| CI03 | Correction of invention patent |
Correction item: Patentee|Address|Inventor Correct: Zhangjiajie aviation industry vocational and technical college|427000 Xueyuan Road, Wulingshan Avenue, Yongding District, Zhangjiajie City, Hunan Province|Wang Junfeng;Wang Fengzhen False: Wang Fengzhen|427226 group 9, jinglongqiao Township, Cili County, Zhangjiajie City, Hunan Province|Wang Fengzhen Number: 25-01 Page: The title page Volume: 36 Correction item: Patentee|Address|Inventor Correct: Zhangjiajie aviation industry vocational and technical college|427000 Xueyuan Road, Wulingshan Avenue, Yongding District, Zhangjiajie City, Hunan Province|Wang Junfeng;Wang Fengzhen False: Wang Fengzhen|427226 group 9, jinglongqiao Township, Cili County, Zhangjiajie City, Hunan Province|Wang Fengzhen Number: 25-01 Volume: 36 |
|
| CI03 | Correction of invention patent |